[Git][security-tracker-team/security-tracker][master] Add gitolite3 issue
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 12 20:50:12 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2668cbd1 by Salvatore Bonaccorso at 2018-09-12T19:48:51Z
Add gitolite3 issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,8 @@
+CVE-2018-XXXX [prevent access to repos which are in the process of bring migrated]
+ - gitolite3 <unfixed>
+ - gitolite <removed>
+ NOTE: https://groups.google.com/forum/#!topic/gitolite-announce/WrwDTYdbfRg
+ NOTE: https://github.com/sitaramc/gitolite/commit/dc13dfca8fdae5634bb0865f7e9822d2a268ed59
CVE-2018-16951 (xunfeng 0.2.0 allows command execution via CSRF because masscan.py ...)
NOT-FOR-US: xunfeng
CVE-2018-16950 (Inteno DG400 WU7U_ELION3.11.6-170614_1328 devices allow remote ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2668cbd17bbc31ed2d5a14e6550c63405b31b9e5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2668cbd17bbc31ed2d5a14e6550c63405b31b9e5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180912/42e9e272/attachment.html>
More information about the debian-security-tracker-commits
mailing list